package com.example.demo.config;

import com.example.demo.filter.AuthenticationFilter;
import org.springframework.security.config.annotation.web.configurers.*;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;

@Configuration
public class SecurityCfg {
    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http, AuthenticationFilter filer ) throws  Exception{
        http.authorizeHttpRequests( p->
                p.requestMatchers("/login").permitAll()
                .requestMatchers("/book/admin/**").hasRole("AMDIN")
                .anyRequest().authenticated()
        ).addFilterBefore(filer, FilterSecurityInterceptor.class)
                .csrf(httpSecurityCsrfConfigurer -> httpSecurityCsrfConfigurer.disable())
                .httpBasic(HttpBasicConfigurer::disable)
                .logout(LogoutConfigurer::disable)
                .formLogin(FormLoginConfigurer::disable);
        System.out.println("hello verions upadte v1");
        return  http.build();
    }
/*    @Bean
    public FilterRegistrationBean authFilter(AuthorizeFilter filer ){
        FilterRegistrationBean filterRegistrationBean=new FilterRegistrationBean<>();
        filterRegistrationBean.setFilter(filer);
        List<String> filters=new ArrayList<>();
        filters.add("/admin/hello");
        filterRegistrationBean.setUrlPatterns(filters);
        return filterRegistrationBean;
    }*/
}
